mbirth/LuckyCoinkydink
1
0
Fork 0
Code Issues Pull Requests Activity
5,766 Commits 2 Branches 42 Tags
Commit Graph

775 Commits

Author SHA1 Message Date
onli
be2de1a0ed
Document #778 2022-02-03 20:30:14 +01:00
onli
31fcc6a338 Set 2.4-beta1 as beta release 2021-09-12 15:49:47 +02:00
onli
ff1fd8d8fa 2.4-beta1 release documentation 2021-09-12 15:36:54 +02:00
onli
2bad6efd9c
Hide PHP warnings in production mode (#765) 
* Hide PHP warnings in production mode

* Silence error reporing during second language file read
 2021-06-26 16:49:21 +02:00
onli
5dd3385c48 document user deletion fix 2021-06-08 23:47:43 +02:00
onli
a96fe8040a Set loading="lazy" to ML images if width and height are known 2021-06-05 18:23:36 +02:00
onli
5f488e97cf
Wysiwyg cleanup (#761) 
* Cleanup ckeditor config
Remove force-settings, remove verbose commentary from config, limit toolbar selection

* document toolbar removal
 2021-05-24 17:39:08 +02:00
onli
0590b97c67 minor: typos in NEWS 2021-05-13 22:29:27 +02:00
onli
9090de5605 update docs/NEWS 2021-05-13 22:13:21 +02:00
onli
7e48e041a2
Remove unused laminas db backend (#757) 
* Remove unused laminas db backend

* Remove laminas-db from composer.json

* Remove bundled-libs/laminas
 2021-04-27 21:50:34 +02:00
onli
b6e36ec128 Document Cache-Lite 1.8.3 upgrade 2021-03-05 08:23:01 +01:00
onli
54efde550e ARCHITECTURE is a markdown file 2021-02-07 12:05:32 +01:00
onli
b546ea3d4c Add ARCHITECTURE documentation file 2021-02-07 12:04:33 +01:00
onli
80be37ca8d document #748 2021-02-03 16:36:33 +01:00
Garvin Hicking
37cd0c3808 [TASK] Adds 'image_id' to event 'backend_image_add' in addData array 2020-09-16 11:21:05 +02:00
onli
3e82e948b1 document date/time editor change 2020-08-15 07:40:05 +00:00
onli
db08637624 Improve performance of the media library by caching the file list 2020-08-01 20:36:23 +02:00
Stephan Brunker
bba9792011 update NEWS 2020-06-06 01:51:25 +02:00
onli
2be8e6ba2a Use original image for srcset when it is small (#474) 2020-05-28 17:50:39 +02:00
Matthias Mees
3bc302fbcf Fix broken sidebar in bootstrap4 theme 2020-05-03 19:51:43 +02:00
Stephan Brunker
4db384f926 2k11/admin/comments: Stay on the same page after approving 2020-05-02 11:28:07 +02:00
Thomas Hochstein
1032bd9725 Release 2.3.5 
Signed-off-by: Thomas Hochstein <thh@inter.net>
 2020-04-25 08:37:03 +02:00
Thomas Hochstein
0fc509a50b Add NEWS item. 
Signed-off-by: Thomas Hochstein <thh@inter.net>
 2020-03-28 15:22:58 +01:00
Thomas Hochstein
53694e2691 Unconditionally keep upgraded_version in plugin cache. 
See #685 for more information.

Signed-off-by: Thomas Hochstein <thh@inter.net>
 2020-03-28 13:22:01 +01:00
Thomas Hochstein
ded855f096 [event_spartacus] Simplify count_plugin_upgrades() 
Signed-off-by: Thomas Hochstein <thh@inter.net>
 2020-03-28 13:21:09 +01:00
onli
d690a751d3 Up spamblock version, document #683 2020-03-25 22:33:19 +01:00
Thomas Hochstein
7bd1f3567e Add NEWS item. 
Signed-off-by: Thomas Hochstein <thh@inter.net>
 2020-03-25 21:48:27 +01:00
Thomas Hochstein
3148e44f87 Release 2.3.4 
Signed-off-by: Thomas Hochstein <thh@inter.net>
 2020-03-25 16:59:24 +01:00
Thomas Hochstein
e792a8d913 Fix RCE vulnerability on Windows. 
Steps to reproduce:

1) Upload a PHP script to the Media Libray,
   naming it "test" (or any other name
   without extension).
2) Rename it to "exploit.php." (trailing dot!)

On Linux, the file will be renamed to
"exploit.php..", which is safe and
cannot be exploited.

On Windows though, the file will be
renemad to "exploit.php" and is then
remotely executable by calling it
from "/uploads/exploit.php".

Thanks to Junyu Zhang <rgdz.eye@gmail.com>
for spotting this!

Signed-off-by: Thomas Hochstein <thh@inter.net>
 2020-03-25 15:04:31 +01:00
Thomas Hochstein
90be45004b Add NEWS entry for ML rename fixes. 
Signed-off-by: Thomas Hochstein <thh@inter.net>
 2020-03-25 13:16:41 +01:00
Thomas Hochstein
d179f1b154 Add plugin source to list of plugins. 
* plugin_api.inc.php:
  - Add static list of bundled plugins.
  - Add function to check if plugin is
    bundled.
* plugins.inc.php:
  - Set source of plugin
    (Spartacus, bundled or local).
* plugins.inc.tpl:
  - Display plugin source.
* Add language constants.

Signed-off-by: Thomas Hochstein <thh@inter.net>
 2020-03-24 15:57:48 +01:00
onli
b15a453165 Use InnoDB and utf8mb4 on current mysql databases 
For new installations only so far
 2020-03-22 13:15:32 +01:00
Thomas Hochstein
05fe0a3526 Forgot to bump the release numbers. 
Signed-off-by: Thomas Hochstein <thh@inter.net>
 2020-03-22 11:36:22 +01:00
Thomas Hochstein
3680a119c3 Release 2.3.3 
Signed-off-by: Thomas Hochstein <thh@inter.net>
 2020-03-22 09:59:17 +01:00
Thomas Hochstein
d255ff0d2d NEWS: Third time's a charme. 
Signed-off-by: Thomas Hochstein <thh@inter.net>
 2020-03-21 23:41:44 +01:00
Thomas Hochstein
bbcab1f324 NEWS: And now without typos and missing lines. 
Signed-off-by: Thomas Hochstein <thh@inter.net>
 2020-03-21 23:25:43 +01:00
Thomas Hochstein
f40cd076c5 NEWS: Move backported entries from 2.4 to 2.3.3. 
Signed-off-by: Thomas Hochstein <thh@inter.net>
 2020-03-21 23:18:37 +01:00
Thomas Hochstein
cf30889d45 Add documentation for fix in plugin_comments. 
Signed-off-by: Thomas Hochstein <thh@inter.net>
 2020-03-21 18:03:32 +01:00
Thomas Hochstein
b718637794 Set empty limit to "" in serendipity_fetchEntries. 
If $limit is empty(), no limit is set, so we can
set the LIMIT statement to "" to achieve the same.

But an empty() $limit can be "0", so the
generated SQL statement could end with "0"
instead of the LIMIT statement. We catch this
with forcing an empty() $limit to "".

Fixes #636.
(No matter that this shouldn't even happen.)

Signed-off-by: Thomas Hochstein <thh@inter.net>
 2020-03-21 17:59:13 +01:00
Thomas Hochstein
98944d8b14 Escape version string in update notifier. 
Fixes 674.

Signed-off-by: Thomas Hochstein <thh@inter.net>
 2020-03-20 19:07:19 +01:00
Thomas Hochstein
1ed4b9e7ec Prevent renaming ML object into existing file. 
When renaming objects in the Media Library,
s9y didn't check if a file with the same
name already exists, resulting in a file
name collision deleting both files from
the database _and_ from disk.

Add a check to avoid that.

An error message would be nice, too, but
that may be added later on.

Tested on s9y-stable test instance.

Signed-off-by: Thomas Hochstein <thh@inter.net>
 2020-03-20 17:54:29 +01:00
onli
f0e4b54243 Fix trackback deletion from frontend, invalid referrer error 
Was missing the token. For context see https://board.s9y.org/viewtopic.php?f=10&t=24633
 2019-12-16 14:49:00 +01:00
Garvin Hicking
60d2937c17 [DOCS] Document changes 2019-12-03 15:51:42 +01:00
Garvin Hicking
c26ece4240 [DOCS] Documents changes 2019-12-03 14:26:03 +01:00
onli
9c03f27e6f Make use of the video tag for videos in the ML 2019-11-03 21:30:51 +01:00
Stephan Brunker
2b82d111f0 Merge remote-tracking branch 'upstream/master' 2019-11-02 22:24:01 +01:00
Stephan Brunker
4d06475491 completed NEWS for PR #658 2019-11-02 22:22:09 +01:00
onli
8d0cd12b39 Fix links in ML not going to item when not an image 2019-11-02 21:32:24 +01:00
Thomas Hochstein
7a59338971 Add plugin fixes to main news file. 
Those plugins will only be released with
s9y proper - so we could and should announce
changes with the release.

Signed-off-by: Thomas Hochstein <thh@inter.net>
 2019-11-02 15:08:25 +01:00
Thomas Hochstein
01c87b771a Document change of language names and multilang fixes. 
Documents 5c4c11f0b4, d75e311077 and aa1f3b533d.

Signed-off-by: Thomas Hochstein <thh@inter.net>
 2019-11-02 15:06:31 +01:00